Impersonation

Just when you thought you had seen it all regarding online phishing scams, along comes a new round of deceptive emails, phones calls, instant messages and even traditional printouts from your fax machine.

Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.

With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...

Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...

As information risks and cyber security threats increase, organizations need to move away from reacting to incidents and toward predicting and preventing them. Developing a robust mechanism to assess and treat information risk throughout the organization is a business essential.

Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...

Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.

Organizations are becoming increasingly dependent on their use of cloud services for business benefit both internally and when working with third party suppliers across multiple jurisdictions. However, while these services can be implemented quickly and easily, organizations need to have a clearer understanding of where their information is stored and how reliable these services are.

For those who may have lost track of time, it’s 2015, and phishing is still a thing. Hackers are breaking into networks, stealing millions of dollars, and the current state of the Internet is pretty grim.

In the early days of malware, we all remember analyzing samples of IRC botnets that were relatively simple, where the malware would connect to a random port running IRC, joining the botnet and waiting for commands from their leader. In this day and age, it’s slightly different.

Do-it-yourself malware toolkits have been available on the black market for a long time, but now researchers have discovered the first ransomware variation for creating your own extortion campaigns – and it’s free to use.

There is an entire cottage industry of people who go to great lengths to upgrade partial data to make it more valuable. On the Dark Web, one can easily find postings buying and selling this kind of partial information.